Malware.AI.4280019852 removal guide

The Malware.AI.4280019852 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4280019852 virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the shellcode get eip malware family

How to determine Malware.AI.4280019852?


File Info:
name: 7D2C23C09EBFA5705FCB.mlw
path: /opt/CAPEv2/storage/binaries/ebb7abe476e56cbf463886a9f98aafc6bec3432b4eadfeae6f9f2ee8cd7a6598
crc32: 1409DA4E
md5: 7d2c23c09ebfa5705fcba58c78d7150e
sha1: 52823427123e7bbd13d5c4d558dff9ce4ecfbe6c
sha256: ebb7abe476e56cbf463886a9f98aafc6bec3432b4eadfeae6f9f2ee8cd7a6598
sha512: c497109eb6188a3c6c247b8709ffbbab96a18add21cb02cd6cbb01789e509a26d9a163a25ccea2a55380dd82726b0711145713da02dbecb88b41fe30a0182b49
ssdeep: 24576:s0sKx/fPes09oIiWrAlGpdQ+yxaFQf12w5rKpARwzBdGMbq0a7i2a1y:Ko/HeoIixlGpxeamfJKSRwt/bq0P2a1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T199653304F269934FE56F83FA8C60D5000BB055879162CAAD2CDB625D7881F964F87BF7
sha3_384: 422f56a0f27f8a46ae276546e9b848aa69110e202fcad472ea7616478bb002174770841b0bf2c42a2f1f98408a6b61c8
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-09-02 03:59:21

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: AutoUpdate
FileVersion: 1.0.0.0
InternalName: AutoUpdate.exe
LegalCopyright: Copyright ©  Kháng Thiên Update 2020 
LegalTrademarks: 
OriginalFilename: AutoUpdate.exe
ProductName: AutoUpdate
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4280019852 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
AVG	Win32:TrojanX-gen [Trj]
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.111547
FireEye	Gen:Variant.Lazy.111547
Skyhigh	BehavesLike.Win32.Generic.tc
McAfee	Artemis!7D2C23C09EBF
Malwarebytes	Malware.AI.4280019852
Sangfor	Trojan.Win32.Lazy.Vvgp
CrowdStrike	win/malicious_confidence_70% (D)
Symantec	Trojan.Gen.MBT
APEX	Malicious
BitDefender	Gen:Variant.Lazy.111547
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.Lazy.111547 (B)
VIPRE	Gen:Variant.Lazy.111547
Sophos	Generic Reputation PUA (PUA)
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Win32.SGeneric
Microsoft	Program:Win32/Wacapew.C!ml
Arcabit	Trojan.Lazy.D1B3BB
ViRobot	Trojan.Win.Z.Lazy.1447424.A
GData	Gen:Variant.Lazy.111547
AhnLab-V3	Trojan/Win.NT.C5126318
ALYac	Gen:Variant.Lazy.111547
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H09CB24
Fortinet	PossibleThreat
Cybereason	malicious.09ebfa
DeepInstinct	MALICIOUS

How to remove Malware.AI.4280019852?

Malware.AI.4280019852 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X